Skip to main content
CVE-2017-8133 HIGH This Week

Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Huawei Command Injection Neteco
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2017-8135 HIGH This Week

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Fusionsphere Openstack
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-2722 HIGH This Week

DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service RCE Dp300 Firmware Te60 Firmware Tp3106 Firmware +5
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-2719 HIGH This Week

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Fusionsphere Openstack
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2017-2718 HIGH This Week

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Fusionsphere Openstack
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2017-8194 HIGH This Week

The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Fusionsphere Openstack
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2017-8195 HIGH This Week

The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Fusionsphere Openstack
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-8134 HIGH This Week

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Fusionsphere Openstack
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-8132 HIGH This Week

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Fusionsphere Openstack
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-8131 HIGH This Week

The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on four TCP listening ports. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Fusionsphere Openstack
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2017-2737 HIGH This Week

VCM5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Vcm5010 Firmware
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-8138 HIGH This Week

HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Hedex Lite
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-2726 HIGH This Week

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google P10 Firmware P10 Plus Firmware
NVD
CVSS 3.0
8.4
EPSS
0.2%
CVE-2017-2724 HIGH This Week

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google P10 Firmware P10 Plus Firmware
NVD
CVSS 3.0
8.4
EPSS
0.2%
CVE-2017-8155 HIGH This Week

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on a certain port. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass B2338 168 Firmware
NVD
CVSS 3.0
8.4
EPSS
0.0%
CVE-2017-15098 HIGH This Week

Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Information Disclosure Debian Linux
NVD
CVSS 3.0
8.1
EPSS
0.9%
CVE-2017-8193 HIGH This Week

The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command injection vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Fusionsphere Openstack
NVD
CVSS 3.0
8.0
EPSS
0.4%
CVE-2017-2714 HIGH This Week

The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Fusionsphere Openstack
NVD
CVSS 3.0
8.0
EPSS
0.1%
CVE-2017-16879 HIGH This Week

Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Memory Corruption Denial Of Service RCE Ncurses
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2017-8203 HIGH This Week

The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B173 has a use after free (UAF) vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Huawei +2
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2017-2693 HIGH This Week

ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and earlier versions,ALE-L21C464B150. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal P8 Lite Firmware Mate 7 Firmware Mate S Firmware P8 Firmware +4
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8159 HIGH This Week

Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Agassi L09Hn Firmware Agassi W09Hn Firmware +2
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8160 HIGH This Week

The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier than Victoria-AL00AC00B172. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Use After Free RCE Memory Corruption Huawei +5
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8142 HIGH This Week

The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and versions earlier than LON-AL00BC00B221 has a use. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Use After Free RCE Mate 9 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2692 HIGH This Week

The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE-L21C432B214 and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection P8 Lite Firmware Mate 7 Firmware Mate S Firmware P8 Firmware +4
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8212 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8211 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8210 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8209 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8208 HIGH This Week

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8207 HIGH This Week

The driver of honor 5C, honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei Honor 5C Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8170 HIGH This Week

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Vie L09 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8169 HIGH This Week

Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Vie L09 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8204 HIGH This Week

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Honor 9 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2729 HIGH This Week

The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier than CAM-UL00C00B193 have a buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Honor 5A Firmware P8 Lite Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2725 HIGH This Week

Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google P10 Firmware P10 Plus Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2699 HIGH This Week

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Huawei File Upload Honor 7 Firmware Mate S Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-8180 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8179 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.Due to the insufficient input verification, an. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8141 HIGH This Week

The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Google P10 Plus Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8140 HIGH This Week

The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE P9 Plus Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8181 HIGH This Week

The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerability.Due to the insufficient input verification,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Huawei Privilege Escalation Mtk Platform Smart Phone Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8150 HIGH This Week

The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC605B162, the versions before Vicky-L29AC605B162. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Google Huawei P10 Firmware +3
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8205 HIGH This Week

The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to the lack of parameter validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Huawei Honor 9 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2716 HIGH This Week

The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Privilege Escalation Mate 9 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2697 HIGH This Week

The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B160 and earlier versions,VNS-L21C185B142 and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Gt3 Firmware Honor 5C Firmware Knt Firmware +2
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2696 HIGH This Week

The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Y6Ii Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2698 HIGH This Week

The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google P8 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-8137 HIGH This Week

HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative path. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hedex Lite
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-7501 HIGH PATCH This Week

It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Privilege Escalation Rpm
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy